Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/847A179CB1F711ED817E48A8F1222468.roa
File:                     847A179CB1F711ED817E48A8F1222468.roa (raw, json)
Hash identifier:          xZIPnEgXGvxfRRIHWlxYDk8W0UjpvJmrn4hEWlA6Oy8=
Subject key identifier:   15:82:B5:A7:8B:83:DD:E6:BE:2E:03:7A:0A:A6:23:00:12:DB:F9:04
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0BC4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/847A179CB1F711ED817E48A8F1222468.roa
Signing time:             Tue 21 Feb 2023 14:53:36 +0000
ROA not before:           Tue 21 Feb 2023 14:53:31 +0000
ROA not after:            Sat 22 Feb 2025 14:53:31 +0000
asID:                     60781
IP address blocks:        154.16.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3012 (0xbc4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 21 14:53:31 2023 GMT
            Not After : Feb 22 14:53:31 2025 GMT
        Subject: CN=63f4daf0-47a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:af:90:03:79:bf:3d:0c:6a:0d:32:1e:31:47:
                    1a:a2:81:38:e8:a5:7a:5c:68:33:e6:fa:30:57:61:
                    12:19:3d:d1:7c:e4:a4:59:78:dc:bd:1b:9a:58:7e:
                    e4:01:c6:dc:bd:e8:7f:7c:fa:f1:d2:ff:4d:db:8c:
                    e7:da:ef:89:87:c2:08:8b:4c:dc:74:88:ff:82:ca:
                    78:bd:2a:02:61:67:1c:a8:0c:65:0d:db:ab:b6:4f:
                    90:b0:ab:bc:3d:0f:20:fd:5c:34:f1:9f:f5:61:0b:
                    3c:4c:9f:09:3c:72:cc:97:51:3a:fc:ee:8f:0b:46:
                    39:82:ce:7f:b2:52:13:58:64:fb:42:a8:c5:b3:44:
                    3b:c1:7b:49:58:e5:22:d7:70:59:7f:d7:a0:8d:cf:
                    76:d8:22:47:e7:fa:7e:4f:cb:9b:71:1d:1c:c9:87:
                    f4:f0:3d:47:64:d3:0e:2c:2e:f5:a4:0a:0d:44:74:
                    0c:63:68:88:50:a7:9c:40:c2:86:96:76:da:d7:69:
                    46:17:07:46:79:9b:1b:88:c0:fb:b8:b9:85:4f:65:
                    c1:42:37:b5:39:00:6c:c2:df:00:87:a9:6c:ea:63:
                    8e:80:69:1f:79:c8:5e:e4:a7:83:3b:5f:4a:fd:f4:
                    86:c6:56:70:9e:20:b6:2f:27:e1:e1:fc:e3:9e:ec:
                    b8:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:82:B5:A7:8B:83:DD:E6:BE:2E:03:7A:0A:A6:23:00:12:DB:F9:04
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/847A179CB1F711ED817E48A8F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:bf:d0:b1:02:44:27:f1:ca:88:4b:1a:3e:65:11:52:e3:28:
         11:4c:29:a4:ff:38:bd:15:42:3d:ac:c8:9a:a6:00:aa:d7:3a:
         a2:6e:27:2d:fb:58:c7:32:33:66:33:2a:b5:0c:b1:5e:b5:1a:
         ad:27:a8:cb:e9:71:97:57:4f:66:b1:ae:c3:89:b8:f5:ed:3c:
         95:21:1d:dd:65:c4:72:81:4d:d7:ce:5b:9e:21:97:7b:97:d1:
         6d:ca:77:87:cd:82:a0:97:ca:c6:0f:79:b8:6c:4b:dd:42:df:
         a6:91:d8:47:cf:a2:1d:8b:dd:1a:0a:17:e3:bb:3e:0f:be:26:
         08:62:f4:84:29:aa:73:62:40:1b:70:d2:63:85:61:67:90:25:
         ae:79:ea:8f:21:34:00:82:c1:f2:f7:34:36:57:1e:8a:8a:f7:
         ee:4d:23:d9:b7:a5:04:13:d8:6b:66:12:db:17:a1:55:69:af:
         d7:4a:20:e8:91:61:79:08:80:71:d6:98:ee:f1:3d:cf:34:4e:
         5c:b0:e7:d1:a7:2d:d0:f4:0f:d5:b8:7f:31:d3:6e:cd:c5:31:
         22:67:f7:a2:31:e9:ad:7a:af:a2:bd:a5:f5:10:5f:10:8d:91:
         94:65:c6:f3:4a:89:36:0d:8e:4c:a2:fa:d4:3f:0e:5d:7a:b8:
         a9:6d:02:15
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC8QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjExNDUzMzFaFw0yNTAyMjIxNDUzMzFaMBgxFjAU
BgNVBAMMDTYzZjRkYWYwLTQ3YTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYr5ADeb89DGoNMh4xRxqigTjopXpcaDPm+jBXYRIZPdF85KRZeNy9G5pY
fuQBxty96H98+vHS/03bjOfa74mHwgiLTNx0iP+Cyni9KgJhZxyoDGUN26u2T5Cw
q7w9DyD9XDTxn/VhCzxMnwk8csyXUTr87o8LRjmCzn+yUhNYZPtCqMWzRDvBe0lY
5SLXcFl/16CNz3bYIkfn+n5Py5txHRzJh/TwPUdk0w4sLvWkCg1EdAxjaIhQp5xA
woaWdtrXaUYXB0Z5mxuIwPu4uYVPZcFCN7U5AGzC3wCHqWzqY46AaR95yF7kp4M7
X0r99IbGVnCeILYvJ+Hh/OOe7LjnAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFYK1
p4uD3ea+LgN6CqYjABLb+QQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzg0N0ExNzlDQjFGNzExRUQ4MTdFNDhBOEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGgwDQYJKoZIhvcNAQEL
BQADggEBACu/0LECRCfxyohLGj5lEVLjKBFMKaT/OL0VQj2syJqmAKrXOqJuJy37
WMcyM2YzKrUMsV61Gq0nqMvpcZdXT2axrsOJuPXtPJUhHd1lxHKBTdfOW54hl3uX
0W3Kd4fNgqCXysYPebhsS91C36aR2EfPoh2L3RoKF+O7Pg++Jghi9IQpqnNiQBtw
0mOFYWeQJa556o8hNACCwfL3NDZXHoqK9+5NI9m3pQQT2GtmEtsXoVVpr9dKIOiR
YXkIgHHWmO7xPc80Tlyw59GnLdD0D9W4fzHTbs3FMSJn96Ix6a16r6K9pfUQXxCN
kZRlxvNKiTYNjkyi+tQ/Dl16uKltAhU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:50 2024 by rpki-client on console-ams.rpki-client.org